Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

MAS Publish Error: Invalid Code Signing ... must be signed with the certificate that is contained in the provisioning profile

See original GitHub issue

Electron-Builder Version: 23.1.0 - 23.3.2
Node Version: 14.17.0
Electron Version: 18.3.2
Electron Type (current, beta, nightly): current
Target: --universal (Mac x64 and arm64)

Happy to report that I have a working Universal (fat) app for non-MAS builds.

However, there’s some kind of MAS-related code-signing issue happening, possibly related to x64ArchFiles. Here’s what I’m seeing on MAS publish for both thin/fat apps:

2022-07-21 21:30:48.405 *** Error: Invalid Code Signing. The executable 'com.semireg.LabelLIVE.pkg/Payload/Label LIVE.app/Contents/Frameworks/numbers-to-csv/Python' must be signed with the certificate that is contained in the provisioning profile. With error code STATE_ERROR.VALIDATION_ERROR.90284 for id ABCD-1234-DEFGH-5678 Asset validation failed (-19208)

I only get this when using the latest electron-builder >= 23.3.0.

Could it be related to copying numbers-to-csv over in a extraFiles/extraResources step? I’ve checked the offending file and nothing stands out as obviously wrong, but I’m no expert in MAS code signing.

Sometimes I see a failure at build/package/signing time. For example, this strange output with 23.2.0 which seems related somehow…

⨯ Command failed: codesign --sign ABCD1234EFGHIJKLMNOPQ --force --timestamp --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --options runtime --entitlements build/entitlements-lll.plist /Users/path/release/mas/Label LIVE.app/Contents/Frameworks/numbers-to-csv/Python /Users/path/release/mas/Label LIVE.app/Contents/Frameworks/numbers-to-csv/Python: replacing existing signature /Users/path/release/mas/Label LIVE.app/Contents/Frameworks/numbers-to-csv/Python: main executable failed strict validation

Maybe a clue? 🤷

Fwiw, downgrading to 23.1.0 lets me build/upload a standard/thin x86 MAS app, however, it can’t successfully build/upload a Universal (fat) app due to the above Code Signing rejection when publishing to MAS.

Issue Analytics

State:
Created a year ago
Reactions:1
Comments:10

Top GitHub Comments

1reaction

mmaiettacommented, Jul 27, 2022

Hey @semireg, I’m trying out a potential fix, not sure how well it’ll work but all CI builds pass. Please try 23.3.3 when it publishes momentarily.

0reactions

mmaiettacommented, Jul 31, 2022

Published 23.3.3 as latest

Top Results From Across the Web

After uploading to apple Error: ITMS-90284 - Apple Developer

After uploading to apple Error: ITMS-90284: Invalid Code Signing ... must be signed with the certificate that is contained in the provisioning profile."...

Wrong code signing identity is chosen (SOLVED) - Defold Forum

“ERROR ITMS-90179 : Invalid code signing. The executable '' must be signed with the certificate that is contained in the provisioning profile”.

Code Signing - electron-builder

Windows is dual code-signed (SHA1 & SHA256 hashing algorithms). ... CSC_KEY_PASSWORD, The password to decrypt the certificate given in CSC_LINK .

ERROR ITMS-90283: Invalid Provisioning Profile. The ...

ERROR ITMS-90283: Invalid Provisioning Profile. The provisioning profile included in the bundle is invalid [Missing code-signing certificate].

What is a provisioning profile & code signing in iOS?

Why Provisioning Profiles? · Development Certificates — development certificate. · Unique Device Identifiers (List of devices that the app can run on) ·...